A snowball’s chance
It comes as no surprise that the vast majority of the members who responded were upset about the new license-activation process created by Microsoft.

Cert kingdom member Nbdyfool says he doesn’t see how software piracy could be truly hurting Microsoft and its profits, as its chairman, Bill Gates, is one of the world’s five richest people. He also finds it hard to sympathize with Microsoft when it’s apparent that the company is doing so well.

Another member, TechBoy 606, says he will not be making the jump to Windows XP because of its limited installations. He remembers when software installations were done by floppy disk instead of CDs, and the floppies counted the number of installs made by each disk. TechBoy also says that his job requires a lot of time already, and he won’t do anything that will require more time by e-mailing or calling a company about issues with licensing.

Best Microsoft MCTS Training – Microsoft MCITP Certification at Certkingdom.com

Member Nick Clark asks why Microsoft didn’t ask its clients for their opinions about piracy prevention:
“With this becoming such a BIG problem for us to adhere to, why hasn’t Microsoft asked us what we thought about piracy prevention? I know for a fact there are some Cert kingdom members that have had good ideas in the past when asked for ideas to real world issues. Microsoft has to do the same! It appears to me that all the flack they’re getting will result in a lot of new UNIX/Linux admins out there.”

Is it time to turn your back on Microsoft?
While some Cert kingdom members expressed their views on the new licensing scheme, other members had opinions to share about alternatives to Microsoft products.

Cert kingdom member Cutplug believes that the new licensing program will move people away from Microsoft products and toward Linux as the new OS of choice, specifically Red Hat. He continues by saying that no one in their right mind would pay such a large amount of money without control over the product that they’re purchasing.

Member Raheesom says, “I KNOW Novell technology is better than MS, but Novell is no longer popular enough for the IT professional to take it seriously.” Raheesom says he will have to look for a Linux or UNIX alternative.

Finally, Cert kingdom member FrankArrow asks members to consider MacOS X. He says that the new Macintosh operating system is based on the Free BSD UNIX kernel and doesn’t require any kind of registration. He further states that purchasing Macs over PCs would send a strong message to Microsoft: Don’t push us, because we have alternatives.

If you can’t join ‘em, work around ‘em
The discussion also focused on ways to get around Microsoft’s new licensing system.

Some members, such as Tetsu96, expressed an interest in cracking the license in Windows XP and Office XP. He believes that if Microsoft continues with their activation plan, hackers will have a field day finding ways around the license registration. Tetsu96 says that there are too many variables that would keep Internet registration from being practical for an average Windows user.

Cert kingdom member RobertR explained that there are already ways around the licensing scheme:
“[There are currently] several ways around the [Windows XP] online process. When registering the final version, you will be able to get a ‘code’ via the phone. Just use the same code when you reinstall. As for Office XP, the phone option exists and the code is reusable! Also, you can crash the install by saying no to the registration, reboot, then ‘unregister’ a certain dll, add a certain registry key, reboot, and, poof, it’s ‘registered’!”

Some Cert kingdom members, such as Brian Gray, expressed a concern with supporting users in business environments and home use. Brian explains that he carries a case of burned CDs with him wherever he goes in order to help him do his job in a “timely manner.” He says that he knows he isn’t the only IT professional who uses this method. He goes on to say that he isn’t a software pirate; he only wants to fix the problem quickly. He believes this won’t be possible if he’s waiting on the phone with a Microsoft representative, which will in turn cost his clients time and money.

Some will support XP no matter what
While a large majority of the Cert kingdom members who joined this debate stated that they don’t like Microsoft’s new licensing program, other members support Microsoft’s side of the argument.

A good example is Bergeo, who is a product demonstrator for Microsoft in Belgium. Bergeo explains that the product activation can occur in one of two ways: Internet or telephone. According to Bergeo, both are painless, often quick, and require no personal user information. Bergeo also explains how the hardware changes in a PC might cause a product to stop working:
“For people who often change hardware pieces in their PC, Office XP will refuse to start after five changes in the configuration. All you have to do is to call Microsoft and tell them to cancel the activation you’ve made before.”

Cert kingdom member Sdouglas thinks that the product activation feature is actually a clever idea. Sdouglas believes that using the activation feature will force users to be honest about their use of Windows or Office. Sdouglas also says that anyone who is complaining about the new licensing activation is most likely involved in pirating software.

With the upcoming release of its new SQL Server database (code-named Yukon), Microsoft has decided to enter a market traditionally led by specialized business reporting software companies, such as Crystal Decisions and Actuate. Because the business reporting segment is still experiencing growth in an otherwise bleak software market, Microsoft obviously sees an opportunity to capitalize when its venerable SQL Server database product is released. Tentatively named SQL Server Reporting Services, Microsoft plans to develop this add-on feature to provide the database services capabilities needed to generate reports. Let’s take a look at how this new SQL Server add-on will possibly change this software market.

The importance of Microsoft SQL
End-user business reporting is extremely specialized. Business reporting software companies have to work closely with larger organizations to tailor the output for their customers’ individual requirements. This close relationship has blossomed over the years and developed into the multibillion-dollar business reporting services industry. A key part of that growth was Microsoft’s SQL Server software, which provided the engine for these custom reporting applications to operate.

Best Microsoft MCTS Training – Microsoft MCITP Certification at Certkingdom.com

By staying out of end-user reporting services, Microsoft created opportunities for other software companies to custom-tailor reporting packages for organizations looking to make sense of valuable database information. While many of these software companies continue to develop products in a cross-platform environment, Microsoft SQL is obviously an important part of their business strategy.

What does SQL Server Reporting Services mean for vendors?
First off, it is important to note that Microsoft has not indicated a desire to provide actual report generation with its SQL Server Reporting Services. It merely includes the hooks in the database server for report creation. Another third-party reporting engine will still have to handle the actual writing of the reports. Second, this service is still in a testing phase, so many details about what the add-on will include are still unknown. Also, with the traditionally long testing cycles for Microsoft products, it is difficult to say when the add-on will be available. Nonetheless, Microsoft’s impact will be significant in the once third-party-dominated field of reporting services.

The biggest question is how the relationships between the reporting services vendors and their customers will be changed now that Microsoft is providing the back-end computing for report generation. These vendors have worked with Microsoft SQL extensively in the past to ensure a smooth reporting infrastructure for their customers. With Microsoft entering the reporting services market, that relationship should become adversarial.

Fortunately, in the short term, the business reporting software vendors can count on few changes in their business model. The larger vendors develop their reporting software to work in more realistic, non-Microsoft SQL-only environments, so their cross-platform advantage will keep their customers from switching right away. For instance, Crystal Decisions’ new Crystal Enterprise 9 product release boasts of interoperability among various operating systems by explaining, “Different systems can be combined in one installation, allowing you to pick the best platform for each component. For example, large reports may be better run close to the database on a UNIX platform, and Web components may be managed more easily on a Windows platform.”

Pricing
One area of concern is future product pricing. Traditional Microsoft forays into established software businesses have made pricing difficult for those vendors that developed off the Microsoft SQL platform. Many future buyers of reporting services will be hard-pressed to justify the higher costs for third-party products when much of the database engine work has already been included with Microsoft’s new SQL Server version. In addition, upgrades could be put off until the SQL Server Reporting Services product is tested, causing vendors to adjust their prices further downward.

The future of business reporting software
Business reporting software makes sense out of the seemingly infinite amounts of data accumulated by organizations today. From end-user reports to sales-analysis tools, the software that drives this process is database software. In the past, Microsoft has enabled certain business reporting services companies to develop unfettered of its long reach and superior market position. When Yukon is finally released and the database reporting software that is proposed is fully tested, that all may change.
Tell us what you think
We would like to know your position on this topic. Start a discussion at the end of this article by clicking on the Discuss button below. Some food-for-thought topics include:

* Will your current investment in existing business reporting products preclude you from making a switch to Microsoft’s proposed SQL Server Reporting Services?
* Will the multiserver environments that most third-party business reporting vendors operate out of make it difficult for Microsoft to completely take over this market?
* Do you foresee Microsoft eventually extending its SQL Server offerings to include report generation?

Microsoft Security Bulletin (MS01-034)
Regarding: “Malformed Word Document Could Enable Macro to Run Automatically”
Date Posted: June 21, 2001
Patch URL: Microsoft Word 2002
Patch URL: Microsoft Word 2000
Patch URL: Microsoft Word 97
Patch URL: Microsoft Word 2001 for Macintosh
Patch URL: Microsoft Word 98 for Macintosh
Information URL: Click here for more information.

When a Word document is opened, it is automatically scanned for macros. Depending on the user’s security settings in Word 2000 and 2002, and always in Word 97, the user is allowed to choose whether to execute the macro. A vulnerability has been discovered that will allow some specially modified macros to execute regardless of the user’s choice or knowledge. If security patch MS01-028 has been applied, this patch is unnecessary.

Best Microsoft MCTS Training – Microsoft MCITP Certification at Certkingdom.com

Microsoft Security Bulletin (MS01-036)
Regarding: “Function Exposed via LDAP over SSL Could Enable Passwords to be Changed”
Date Posted: June 25, 2001
Patch URL: Windows 2000 Server and Advanced Server
Information URL: Click here for more information.

If the LDAP server has been configured to allow LDAP over SSL connections and to allow users to change data attributes of directory principals, a vulnerability exists that would allow a domain user to change password attributes for any user, including the administrator. This could allow an attacker to change the password-denying service to that user and give the attacker the privileges of the affected user.

Novell issues
Regarding: NDS 8, NDS Corporate Edition, NDS eDirectory, eDirectory 8.5, iChain, iChain 1.5
Date Posted: June 25, 2001
Patch URL: Click here to download the patch.
Information URL: Click here for more information.

This patch fixes local repair options for the NDSRepair utility.

Regarding: NetWare 5.1, Novell Small Business Suite 5.1
Date Posted: June 25, 2001
Patch URL: Click here to download the patch.
Information URL: Click here for more information.

This patch for Account Management for Win2K fixes a password synchronization problem.

Virus updates from Trend Micro
Virus/Worm: BAT_FORMATC.K
Posted: June 21, 2001
Risk: Low
Information URL: Click here for more information on this virus.

Virus/Worm: PE_MARI.A
Posted: June 22, 2001
Risk: Low
Information URL: Click here for more information on this virus.

Virus/Worm: TROJ_LEAVE.A
Posted: June 25, 2001
Risk: Low
Information URL: Click here for more information on this virus.

Virus/Worm: TROJ_NEWSFLOOD.A
Posted: June 25, 2001
Risk: Low
Information URL: Click here for more information on this virus.

Virus/Worm: TROJ_CHOKE.A
Posted: June 25, 2001
Risk: Low
Information URL: Click here for more information on this virus.

Virus/Worm: TROJ_VAMP.A
Posted: June 25, 2001
Risk: Low
Information URL: Click here for more information on this virus.
Check out our archive of updates and patches
Are you keeping up with the latest patches from Microsoft and Novell? If not, visit the Exterminator archive for past columns with information on bugs and patches you may have missed.

Exterminator brings you weekly updates on bug fixes, virus recovery, service release announcements, and security notices for Windows, Novell, Linux, and other systems.

Microsoft Security Bulletin (MS01-034)
Regarding: “Malformed Word Document Could Enable Macro to Run Automatically”
Date Posted: June 21, 2001
Patch URL: Microsoft Word 2002
Patch URL: Microsoft Word 2000
Patch URL: Microsoft Word 97
Patch URL: Microsoft Word 2001 for Macintosh
Patch URL: Microsoft Word 98 for Macintosh
Information URL: Click here for more information.

When a Word document is opened, it is automatically scanned for macros. Depending on the user’s security settings in Word 2000 and 2002, and always in Word 97, the user is allowed to choose whether to execute the macro. A vulnerability has been discovered that will allow some specially modified macros to execute regardless of the user’s choice or knowledge. If security patch MS01-028 has been applied, this patch is unnecessary.

Microsoft Security Bulletin (MS01-036)
Regarding: “Function Exposed via LDAP over SSL Could Enable Passwords to be Changed”
Date Posted: June 25, 2001
Patch URL: Windows 2000 Server and Advanced Server
Information URL: Click here for more information.

If the LDAP server has been configured to allow LDAP over SSL connections and to allow users to change data attributes of directory principals, a vulnerability exists that would allow a domain user to change password attributes for any user, including the administrator. This could allow an attacker to change the password-denying service to that user and give the attacker the privileges of the affected user.

Novell issues
Regarding: NDS 8, NDS Corporate Edition, NDS eDirectory, eDirectory 8.5, iChain, iChain 1.5
Date Posted: June 25, 2001
Patch URL: Click here to download the patch.
Information URL: Click here for more information.

This patch fixes local repair options for the NDSRepair utility.

Regarding: NetWare 5.1, Novell Small Business Suite 5.1
Date Posted: June 25, 2001
Patch URL: Click here to download the patch.
Information URL: Click here for more information.

This patch for Account Management for Win2K fixes a password synchronization problem.

Virus updates from Trend Micro
Virus/Worm: BAT_FORMATC.K
Posted: June 21, 2001
Risk: Low
Information URL: Click here for more information on this virus.

Virus/Worm: PE_MARI.A
Posted: June 22, 2001
Risk: Low
Information URL: Click here for more information on this virus.

Virus/Worm: TROJ_LEAVE.A
Posted: June 25, 2001
Risk: Low
Information URL: Click here for more information on this virus.

Virus/Worm: TROJ_NEWSFLOOD.A
Posted: June 25, 2001
Risk: Low
Information URL: Click here for more information on this virus.

Virus/Worm: TROJ_CHOKE.A
Posted: June 25, 2001
Risk: Low
Information URL: Click here for more information on this virus.

Virus/Worm: TROJ_VAMP.A
Posted: June 25, 2001
Risk: Low
Information URL: Click here for more information on this virus.

A newly discovered flaw in Microsoft’s Passport put another layer of tarnish on the company’s already heavily corroded security image. Microsoft was forced to temporarily shut down its Passport e-wallet service after being warned that hackers could pickpocket individual e-wallets.

Passport and e-wallet
Microsoft’s Passport service provides a centralized database to store and distribute confidential data and a way for users to be identified on the Web. Passport can make Web sites easier to use because you don’t have to keep identifying yourself to gain access to various services.

Of course, this convenience comes at the not-so-minor cost of giving Microsoft control over your personal data, which, because of the company’s spotty security record, is not something I would recommend.

The online shopping feature of Passport, known as e-wallet, is supposed to eliminate all that tedious data input when you place an order online. Microsoft’s promise is essentially this: “Give us your name, address, and credit card number, and we will send that information to merchants on request.” So far, more than 70 online merchants have signed up for Microsoft’s Express Purchase service.

Best Microsoft MCTS Training – Microsoft MCITP Training at Certkingdom.com

Handing over your virtual wallet
Does it really take a highly paranoid security specialist like me to see that this might be a bad idea? Apparently, several million people out of the much larger Passport community have already signed up for this e-wallet service. According to Microsoft, those subscribers may have placed their personal data at risk due to a flaw that could allow a hacker to obtain the contents of their virtual wallet just by clicking on a link contained in a Hotmail e-mail account message.

Microsoft said that it immediately shut down the e-wallet service after learning of the problem and that Passport security has been enhanced. But that leaves open the question of whether any hacker took advantage of this flaw before a white-hat hacker discovered it and informed Microsoft.

Microsoft was quick to point out that this was an “isolated” problem (almost every individual security problem is) and that it patched the flaw immediately. The company also said that no e-wallet user’s credit card information was actually compromised. That may be true, but the cracker would probably leave no trace using this method, so I’m not certain just how Microsoft can know that no personal data was stolen.

Is even one of you surprised by this latest security breach at Microsoft? Did anyone not see this coming? The answer to both questions is probably a resounding “No.” For some time now, many IT professionals have been very cautious about Passport and downright obstinate about e-wallet.

The bottom line
Convincing people to trust Passport is vital to a number of upcoming Microsoft services in the .NET initiative. So if this recent Passport security flaw becomes widely known, it could be a much bigger PR problem for Microsoft than it appears to be on the surface. Indeed, Passport, which has recently been renamed .NET Passport, may be the crown jewel in the .NET crown.

Unfortunately, most average users will know little about this problem, and even fewer will realize that this is only one in a long string of Microsoft security problems. Anyone with any concerns about personal or business privacy and identity theft must place a great deal of trust in a company’s security policies before they give any confidential information to an online service that offers to serve as a gatekeeper for sensitive personal and financial information.

Microsoft must be hoping that average users won’t notice that there were about 100 Microsoft security bulletins in 2000 and that we are well on track to see another 60 or 70 by the end of this year. In addition to credit card information, Microsoft wants people to eventually store other confidential data, such as medical records, in Passport accounts.

Some people will even be foolish enough to provide debit card numbers, which, unlike credit cards, offer little or no fraud protection. While having your credit card stolen is annoying, it isn’t a big problem because credit card issuers limit the amount you can be forced to pay for fraudulent charges. But since debit cards offer direct access to your bank account, having that number stolen can be just like losing a checkbook full of signed, blank checks.

There is also some question as to whether can you continue to use Microsoft software and still avoid Passport. That’s going to become a major problem in the near future. If you haven’t yet installed a copy of XP, you may not realize that anyone running the new Microsoft operating system will be virtually forced to sign up for Passport.

Microsoft is making a big push to get everyone to use Passport as part of the impending .NET initiative, and in the years ahead, it will probably become increasingly difficult to use Microsoft programs if you don’t provide at least a minimum of information to Passport.

Would you like to provide your users with accessibility to your company’s e-mail system no matter where they are? With Microsoft Outlook Web Access for Exchange Server, they’ll never be more than a browser (with frames support) away from their Inbox. They can have secure access to their Inbox and calendar from any PC with Internet access in the world.
This article appears courtesy of TechRepublic’s TechProGuild, the subscription Web resource for IT administration and support professionals. Among other great benefits, TechProGuild offers in-depth technical articles, e-books, and weekly chats moderated by industry experts on hot topics such as the latest OS developments and career advancement. Sign up now for a FREE 30-day trial of our TechProGuild service.
Outlook Web Access (OWA) became available with Microsoft Exchange version 5. Basically, OWA is intended to supplement Microsoft Outlook. It gives users remote access to many of the core components and functions of the client that they use in the office. Unfortunately, most administrators don’t know about it, so they don’t use its great features. In this Daily Drill Down, I’ll discuss how you can put these helpful features to work in your organization.

Best online Microsoft MCTS Certification, Microsoft MCITP Certification at Actualkey.com

Outlook Web Access requirements
For your server, you’ll need the following components:

* Pentium 6/200 single processor
* 256 MB RAM
* Network connection to Microsoft Exchange Server
* Microsoft Windows NT operating system with Service Pack 4 (SP4) or later
* Microsoft Internet Information Server (IIS); Exchange Server 5.0 supports IIS 3.0 only, but Exchange Server 5.5 supports IIS 3.0 or later
* Active Server Pages (ASP), which are available on Microsoft Windows NT 4.0 Service Pack 3 CD-ROM
* Active Server components (which come with Exchange Server 5.0) or Outlook Web Access components (which come with Microsoft Exchange Server 5.5)
* Exchange Server 5.0 Service Pack 1 (SP1) or Microsoft Exchange Server 5.5 Service Pack 2 (SP2); SP1 and SP2 provide enhanced Outlook Web Access components

For your client, you’ll need an Internet browser that’s capable of displaying Active Server Pages. You’ll also need Internet Explorer 3.02 or later (or any third-party browser that’s capable of supporting frames).

Outlook Web Access recommendations
As with most of Microsoft’s server-based products, you ought to dedicate at least one server to performing the foundation that’s needed by Internet Information Server and Outlook Web Access Server components. Microsoft recommends that Outlook Web Access and Microsoft Exchange Server not be installed on the same machine. (Please note that Windows NT Challenge/Response (NTLM) authentication isn’t supported.) Microsoft also recommends that you use load balancing hardware or software in order to serve users better and to improve server response and availability.

The Microsoft Outlook Web Access server performs most of the processing for connected clients. The OWA Server also handles the entire load that’s required by active client connections. Supporting one client on the Outlook Web Access Server is similar to running one instance of Microsoft Outlook. Thus, to support the connections and requests, the Outlook Web Access Server must run many active MAPI sessions to the Microsoft Exchange Server. The overhead that’s created by the Internet browser running on the client computer is small, but the session that’s created by the client connection to the Outlook Web Access Server consumes many resources on that server. Keep this information in mind and plan the potential load on the Outlook Web Access Server accordingly.

When you plan any project, you must address scalability. To ensure that OWA maintains a semblance of scalability and to allow for organizational growth and changes, Outlook Web Access and Internet Information Server must reside on a dedicated server that’s separate from other Exchange Servers. As the number of clients increases, the load on the Outlook Web Access Server will increase, and you’ll need to add more servers. You can add more OWA Servers without affecting the existing Microsoft Exchange Server or the mailboxes in your organization.

When you need to add another Microsoft Outlook Web Access Server to your organization, load balancing makes the process much easier. Load balancing, which is available in hardware and software variations, allows multiple servers to process and handle requests that are intended for a single IP address. Load balancing has several benefits. First, users will need only one URL to access their e-mail accounts; the load balancing software or hardware will determine which Outlook Web Access Server handles the request. Another benefit is its continued availability. If a user makes a request and a member of a server load balancing team is down, the request will be directed to another server automatically. In some cases, load balancing software or hardware can distribute the load that’s placed on servers by noting which servers are busiest at the time of the request and then by directing the new request to a less burdened machine.

To satisfy general load-balancing requirements, Microsoft recommends that you use Windows Load Balancing Service (WLBS) as a load balancing software solution and Cisco’s LocalDirector as a load balancing hardware solution. WLBS supports up to 32 servers; LocalDirector supports up to 64,000. However, WLBS won’t work in OWA scenarios because WLBS uses round-robin DNS: When a request is made to a DNS server, the DNS server points the request to the next available member of the WLBS team. It doesn’t consider server load. Round-robin DNS works only with stateless ASP applications. Each user request is sent to the next server that’s a member of the WLBS team, but the new server interrupts the user’s ASP session. That means that users who try to access their e-mail via the OWA Server must log in every time they make another request.

Functionality
With Microsoft Outlook Web Access for Exchange Server, access to a user’s e-mail account is no longer restricted to a particular operating system. As long as the browser being used supports frames, access to important information is possible. OWA provides a true cross-platform messaging and application collaboration system. OWA is a MAPI application that’s composed of binary, HTML, and ASP script files. The scripts use Collaborative Data Objects (CDO) to access mailbox and public folder information that’s stored on the Microsoft Exchange Server computer. OWA also uses Microsoft Active Server Pages on the Internet Information Server. JavaScript and Java control, which are downloaded to the user’s Internet browser on demand, generate HTML pages.

Although the browser uses the downloaded JavaScript to perform some of the processing on the client computer, the Microsoft Outlook Web Access Server handles most of the processing that the Outlook Client usually completes. This server processing includes MAPI sessions, client logic, state information, address resolution, rendering, content conversion, and Remote Procedure Calls (RPC) communications with the Microsoft Exchange Server. The Exchange Server receives and completes requests that the Outlook Web Access Server makes. (These requests resemble requests from any MAPI client.)

The process
Here’s what happens when users open messages in their Microsoft Exchange Server Mailboxes using a browser with Outlook Web Access. First, a browser with the Outlook Web Access client sends a request to a Microsoft Internet Information Server and the OWA Server. This request includes a cookie that identifies the browser and the user. IIS accepts the request and hands it to Active Server Pages (ASP) for processing. ASP verifies that the cookie points to a valid ASP session and that the user making the request has logged on properly. Next, the Internet Services API (ISAPI) filter determines which language to use when displaying messages in the browser. Then, ASP opens the script that’s named in the URL and executes any server-side Microsoft Visual Basic script it contains. These scripts use CDO to open the message that’s in the user’s Microsoft Exchange Server Information Store. The message GUID is passed on within the query string of the URL. Next, The CDO rendering library (Cdohtml.dll) converts the requested message into HTML format, and IIS sends the HTML to the browser. Finally, the browser renders the HTML, including the embedded JavaScript.

Outlook Web Access security
You can configure Outlook Web Access to support one or more of several different types of authentication. As usual, there are advantages and disadvantages to many of these configuration options. The following configurations will authenticate OWA users:

* Anonymous
* Basic (clear text)
* Basic (clear text) over Secure Sockets Layer (SSL)
* Windows NT Challenge/Response (NTLM)

Anonymous authentication
If Outlook Web Access is set up to accept an anonymous connection, any user with access to the OWA Web page can use Outlook Web Access without specifying a Windows NT account name or password. When a user accesses OWA and makes an anonymous connection, Internet Information Server logs on the user with an anonymous (guest) account, which is a valid Windows NT user account. The default IIS user account is IUSR_computername. Be aware that anonymous authentication grants access only to resources that are anonymously published, such as public folders and directory content. Table A summarizes the advantages and disadvantages of using anonymous authentication.

Table A

Basic (clear text) authentication
When using basic (clear text) authentication, a user who tries to connect to OWA must supply a valid Windows NT account username and password. The user’s account and password are transmitted as clear text over the network to the Internet Information Server/Outlook Web Access Server. Validating users with basic (clear text) authentication gives them the ability to access an unlimited number of resources that are located on machines other than the Outlook Web Access Server. A user can access e-mail on one Microsoft Exchange Server and public folders on another Microsoft Exchange Server.

Since basic authentication transmits clear text passwords across the network, Microsoft recommends that you also use SSL. SSL encrypts all information that passes through IIS. Table B summarizes the advantages and disadvantages of using basic authentication.

Table B

Basic (clear text) over SSL
When using basic authentication over SSL, a user must specify a valid Windows NT user account name and password in order to access OWA. Usernames and passwords are transmitted as encrypted information over the network to the Internet Information Server/Outlook Web Access Server. Basic authentication over SSL allows users to access an unlimited number of resources, which may be located on machines other than the Outlook Web Access Server—just like basic (clear text) authentication does. Table C summarizes the advantages and disadvantages of using basic over SSL authentication.

Table C

Windows NT Challenge and Response (NTLM)
Windows NT Challenge and Response requires a user to specify a valid Windows NT user account name and password in order to access the OWA Server. The username and password are sent from the browser to the IIS as encrypted information. All information that the user wants to access must reside on the same server as IIS and the Outlook Web Access Server. Windows NT Challenge and Response authentication isn’t supported if IIS and the OWA Server are located on the same machine that contains Microsoft Exchange Server. Table D summarizes the advantages and disadvantages of using Windows NT Challenge and Response.

Table D

Multiple users
If multiple users are going to share the same computer and use it to access e-mail via OWA, Microsoft recommends that you disable local caching. Doing so lessens the chances that a message a user accessed via Outlook Web Access still resides on the local disk, where the wrong user could access it. Microsoft also recommends that you disable the Save Password option in Internet Explorer in order to lower the chances that a nosy user will access another person’s e-mail account.

Outlook Web Access installation
Below, I’ve provided a step-by-step guide that will explain how to install Microsoft Outlook Web Access. The test machine is a Windows NT 4.0 Server with Windows NT Service Pack 6a, Internet Information Server 4.0, and Active Server Pages installed.

1. Insert the Microsoft Exchange 5.5 CD-ROM into the machine on which you plan to install Outlook Web Access.
2. In the Setup Selection window, select Set Up Server And Components.
3. In the Choose And Install window, select Microsoft Exchange Server 5.5.
4. Accept the End User License Agreement.
5. In the Exchange Server Setup box, select Complete/Custom.
6. Make sure that the Outlook Web Access option is the only one that’s checked and click Continue. If you haven’t installed IIS 4.0 and/or Active Server Pages yet, you’ll be notified via a pop-up screen. (Setup won’t continue. You’ll have to stop setup and install the missing component(s).) Then, start these steps over. Please note that IIS 4.0, which can be found in the Windows NT 4 Option Pack, requires Internet Explorer 4.01 or later.
7. Exchange Server Setup begins and explains that it will stop the Internet Information Server Service.
8. Microsoft Exchange Server Setup prompts you for the name of the Microsoft Exchange Server to which the Outlook Web Access Server will connect.
9. Files are copied to the local computer. Services that OWA needs are stopped and started, and Outlook Web Access is installed.
10. Upon completion, a pop-up window appears and lets you know if all is well.
11. You’re finished.
12. To test your setup, open your browser, type the name of the computer that’s running Outlook Web Access in the address line, and press [Enter]. (The address probably will be something like https:://computername/exchange.)
13. You’ll be prompted for your username and password. You may need to include your domain name, too (such as domainname\username). Don’t check Save This Password, since that would allow anyone to access your mailbox from your computer.
14. You’ll be welcomed to your Inbox.
15. After successfully reading and sending some e-mail messages, remember to log off and close your browser. That way, you can be certain that no unauthorized users will view your mail.

Conclusion
Microsoft’s Outlook Web Access provides a quick and easy method of increasing the accessibility of your company’s e-mail system. Configuring OWA properly gives you a solid and secure method of remotely accessing e-mail. Of course, you must consider the variables when you’re implementing OWA. All Microsoft installations will be unique to your organization, so you should customize OWA accordingly. For more information on tuning and enhancing the performance of IIS and ASP, please point your browser here.

Microsoft Corp. Chairman Bill Gates has announced he is moving aside to let company president Steve Ballmer take the reins as the company’s chief operating officer. Gates, who will remain chairman, now has the title of chief software architect.

The announcement came amid reports that lawyers prosecuting the government’s case against Microsoft are pushing to split the company into two or three separate companies. However, company officials say yesterday’s change was planned long before Microsoft’s legal troubles.

How is the announcement being interpreted, and what will the change mean for Microsoft? Here are 10 links that explain yesterday’s news.

Best online Microsoft MCTS Certification, Microsoft MCITP Certification at Actualkey.com

* ·  The New York Times gives a thorough overview of yesterday’s announcement . Included is an analysis of Microsoft’s struggles with Internet competitors. The Times also has an article that quotes Ballmer as saying that the breakup of Microsoft into smaller companies would be “reckless.”
* ·  The Washington Post ran a profile of Ballmer this morning that quotes one Microsoft official as calling him “Microsoft’s ‘heart and soul.’“
* ·  MCNBC, which is partially owned by Microsoft, has a lengthy story on Ballmer that includes a “Ballmer-Gates Partnership” timeline.
* ·  If you have a multimedia player, you can listen to a report on National Public Radio’s All Things Considered that includes comments by Ballmer on the breakup.
* ·  Some of the most comprehensive coverage of the announcement has come from CNET, which includes an analysis of Gates’ continuing role in Microsoft as well as Microsoft’s move to Internet-based software.
* ·  A story in the Financial Times focuses on the challenges that Gates will face as the company’s “software architect” in a changing software environment .
* ·  You can also check out a press release on the announcement from Microsoft that includes numbers for the media and investor relations.
* ·  And while it’s not a free site, if you subscribe or have a trial subscription to The Wall Street Journal Interactive Edition, you can check out a thorough analysis of yesterday’s announcement.

What do you think about Steve Ballmer taking on the day-to-day working of Microsoft? What changes do you think are in store for Microsoft? How will this affect consumers? Post a comment below.

Microsoft Corp. Chairman Bill Gates has announced he is moving aside to let company president Steve Ballmer take the reins as the company’s chief operating officer. Gates, who will remain chairman, now has the title of chief software architect.

The announcement came amid reports that lawyers prosecuting the government’s case against Microsoft are pushing to split the company into two or three separate companies. However, company officials say yesterday’s change was planned long before Microsoft’s legal troubles.

How is the announcement being interpreted, and what will the change mean for Microsoft? Here are 10 links that explain yesterday’s news.

* ·  The New York Times gives a thorough overview of yesterday’s announcement . Included is an analysis of Microsoft’s struggles with Internet competitors. The Times also has an article that quotes Ballmer as saying that the breakup of Microsoft into smaller companies would be “reckless.”
* ·  The Washington Post ran a profile of Ballmer this morning that quotes one Microsoft official as calling him “Microsoft’s ‘heart and soul.’“
* ·  MCNBC, which is partially owned by Microsoft, has a lengthy story on Ballmer that includes a “Ballmer-Gates Partnership” timeline.
* ·  If you have a multimedia player, you can listen to a report on National Public Radio’s All Things Considered that includes comments by Ballmer on the breakup.
* ·  Some of the most comprehensive coverage of the announcement has come from CNET, which includes an analysis of Gates’ continuing role in Microsoft as well as Microsoft’s move to Internet-based software.
* ·  A story in the Financial Times focuses on the challenges that Gates will face as the company’s “software architect” in a changing software environment .
* ·  You can also check out a press release on the announcement from Microsoft that includes numbers for the media and investor relations.
* ·  And while it’s not a free site, if you subscribe or have a trial subscription to The Wall Street Journal Interactive Edition, you can check out a thorough analysis of yesterday’s announcement.

What do you think about Steve Ballmer taking on the day-to-day working of Microsoft? What changes do you think are in store for Microsoft? How will this affect consumers? Post a comment below.

Microsoft on Thursday divulged a few more details about its upcoming Internet Explorer 7, and admitted that its implementation of tabs — one of the most-requested new features — will be just “catch-up” to rivals such as Firefox and Opera.
Tony Schreiner, a Microsoft developer with the IE team, posted a lengthiest-yet description to the Redmond, Wash.-based company’s blog of how tabs will be implemented in the upcoming IE 7.

Best Microsoft MCTS Training – Microsoft MCITP Training at Certkingdom.com

The browser is expected to roll into beta sometime this summer.

“Our philosophy for tabbed browsing is to keep the user in control of the experience,” claimed Schreiner at the start of the blog. He then went into detail on some of the tab features IE 7 will sport

Tabs will be turned on by default, Schreiner confirmed. In some situations, windows will continue to open in new, separate frames rather than in a new tab, but ordinary pop-ups will open in a new foreground tab.

“This seems to correlate with scenarios where showing a window on top of the current window is desirable, such as replying to posts on message boards and getting a close-up view of items on shopping sites,” said Schreiner.

Users will be able to open links in a new tab by middle-clicking on a three-button mouse, or Ctrl-clicking links. Keyboard shortcuts will be available for switching between tabs — Firefox, for instance, uses Ctrl-Tab — and users will be allowed to open tabs in the background or foreground, or open them in a new window.

At the moment, the plan is for each tab to operate on its own thread (as will each frame). Each tab is on a separate thread, and the frame is also on its own thread. Schreiner admitted that this would boost the memory footprint of IE, but argued that it would the browser to “feel faster and provide an overall better user experience.”

One of the more surprisingly lines in the blog, however, is an admission that IE is behind the times, something many users — and all Firefox proponents — have been saying for months.

“This core functionality is largely catch-up to other browsers which support tabs,” said Schreiner. “[But it’s] a necessary foundation for future work.”

Schreiner wouldn’t spill the beans on every aspect of tabs in IE 7. When blog readers posted queries about such features as moving tabs (to better arrange the tab lineup) and asked how tabs would look, Schreiner deflected the questions. “The UI and configurability are something we can’t really talk about right now,” he said. “[But] there will probably be another blog post about this closer to or shortly after Beta 1 release.”

In my post on free software titles that can be used to make money in consulting, one product that came up from TechRepublic members in this discussion (and others) is FreeNAS. FreeNAS is a software storage operating system based on FreeBSD that supports all of the major storage networking protocols. Right there is the big difference between it and some of the other products; FreeNAS is focused on storage networking protocols. This includes, but is not limited to, Common Internet File System (CIFS) as is used for Windows networking, FTP, NFS and iSCSI.

FreeNAS is very flexible, as it can be installed on direct hardware or within a virtual machine. Be sure to check Donovan Colbert’s tip on how to configure it as a VirtualBox virtual machine for a synchronization service. This is just the nature of FreeNAS, it can do a lot of different protocols and use cases for storage networking. As the name implies, it is free; and that is a good thing. In fact, features such as replication, deduplication, and other smart functionality that drive these solutions adds incredible value to the customer seeking free storage software.

Best Microsoft MCTS Training – Microsoft MCITP Training at Certkingdom.com

FreeNAS isn’t new either, in fact I’m three years late in introducing FreeNAS here as Justin Fielding did just that in 2007 on this very blog.

The biggest area in which FreeNAS can’t help free software seekers is fibre channel storage management. While block storage is available via the iSCSI initiator and target functionality; the name is FreeNAS not FreeSAN.

Today, FreeNAS has a number of options available for easy-to-run use. This includes flash or embedded types of installs for USB sticks, small hard drives, and virtual machine appliances. To be fair, the free storage appliances such as FreeNAS and others like it are not on my priority list. The VMware Compatibility Guide dictates what products are on the supported configuration list for my virtualization platform of choice. For FreeNAS, the storage protocol is iSCSI and, like other products, iSCSI for VMware virtualization may work with products not on the support lists. However, this is not an area you want to rely on for a production workload, unless it is an acceptable risk. Mark it a call to diligence to trade off the costs of a supported solution with the free package that works for you.

See the companion gallery, “Configuring FreeNAS for CIFS storage connectivity.”

What is your opinion of FreeNAS? Share your comments below and tell me what you’d like to covered.

The Microsoft Knowledge Base (MSKB) is by far the most comprehensive resource for troubleshooting Microsoft products. It’s a database of support information that encompasses the entire range of Microsoft software and hardware. Love it or hate it, the MSKB is a masterpiece of documentation, and once you familiarize yourself with it, you can harness its power to make your support tasks easier.

The MSKB comes in two forms: an online version, which you can find at Microsoft’s Support Web site, and a local version available to Microsoft TechNet subscribers. With the TechNet program, individuals and organizations pay an annual fee to have the Knowledge Base, service packs, Microsoft Resource Kits, and other support tools sent to them on CD or DVD. The online MSKB is free.

Although the local and online MSKBs contain basically the same information, their search mechanisms are quite different. Here, I will explain how to efficiently use the online version. If you’d like to learn more about the local MSKB, check out my previous article.

Best online Microsoft MCTS Certification, Microsoft MCITP Certification at Actualkey.com

Accessing the online MSKB
Microsoft’s Support Web site, shown in Figure A, allows you to search the MSKB in several ways. You can search by entering a word or phrase in the Search The Knowledge Base text box to the left of the page, or you can perform a more detailed search by clicking Advanced Search And Help.

Figure A
Microsoft’s Support Web site is your gateway to the online MSKB.

The site’s exact layout is determined by your geographic location (and so are the types of search options available). The U.S. site often defaults to the Advanced Search options, while the UK and Middle Eastern sites default to displaying only the Simple Search options.

Since I’ve found that the Advanced Search options more often provide the information I need, I recommend you use them. These options may appear either on the left side or center of the screen. The layout of these options is also determined by your geographic location, but both sets of options (shown in Figure B and Figure C) work equally well.

Figure B
These Advanced Search options will be displayed in the center of the screen.

Figure C
These Advanced Search options will be displayed to the left of the screen.

Tips for international users
I guess the term international user refers to any user outside the United States (myself included). To accommodate international users, Microsoft’s Support Web site should automatically adapt itself to the language and locale currently configured on your computer.   If this doesn’t happen and you are presented with a site you cannot understand, you can manually change the site’s language by clicking the International Support link located on the bottom-left corner of the page. This configuration will be saved in a cookie on your machine, and each time you access Microsoft’s Support Web site, it will be displayed in the language you chose.
Searching the MSKB
Let’s look at various ways to locate the information you need quickly and effectively. If you’re lucky, you may already have an article’s Q-number (e.g., Q123456). Every MSKB article is assigned a unique Q-number, and this unique identifier is the easiest way to find a specific MSKB topic. If you have a Q-number, simply enter it into the text box under Search The Knowledge Base and click the green arrow button.

But often, it’s likely that you won’t have a Q-number when you begin your search and will have to start from scratch. The easiest way to do this is by searching for a word or phrase.

Use exact phrases
You’ll usually want to search for exact phrases when attempting to troubleshoot an error message, error code, log entry, memory address conflict, and even cryptic hexadecimal codes. Searching for exact phrases is fairly straightforward; simply enter the text as your search string, select The Exact Phrase Entered from the Using drop-down list, and click the Go button (the green arrow). For example, searching for the exact phrase WINWORD caused an invalid page fault in MSO9.DLL yields several workarounds for this problem.

A word of caution: Do not use quotation marks to group search terms into a sentence. Unlike Internet search engines, such as AltaVista, Google, Yahoo, or Microsoft’s own TechNet InfoViewer, the online MSKB completely ignores quote marks contained within the search string.
Write it down
The first rule of troubleshooting error messages is to write down the message. Save yourself some time; don’t rely on users’ vague descriptions of alerts. Having the exact wording can turn a potentially exhausting troubleshooting nightmare into a neat, quick fix.
When a problem yields no error message
There are always times when you just can’t provide one exact, fully formed sentence that describes the information you need. This is particularly true when the problem you’re trying to fix isn’t accompanied by an error message, or you’re trying to find out more information about a general issue rather than a specific error message.

This is where the Select A Microsoft Product drop-down list becomes handy. Before entering your search terms, select the product to which your search relates. This feature narrows the results by filtering out irrelevant topics. For example, if you’re tracking down a Windows 2000 user access problem, select Windows 2000 from the list to prevent your results list from being flooded with articles about Microsoft Access.
Don’t limit yourself to individual applications
You’ll find product suites and specific applications in the products list. For example, the MSKB article “XL: Error Message: Too Many Different Cell Formats” (Q213904) applies to any version of Excel 97 or later, including Mac editions. Hence, it would be listed under each of the following products: Office 97 for Windows Suite, Office 2000 Suite, Excel 97, Excel X for Mac, Excel 2000, and so forth.
Use creative search strings
Describe the problem’s observable symptoms. Avoid overly technical descriptions; instead, describe the problem from the user’s point of view. Refer to interface items, menu items, window titles, and so forth. If a particular search string fails to yield the information you need, rephrase the string using synonymous words until the results become relevant. For example, use the words stops responding instead of hangs, or use set up instead of install.

Some symptoms can also be described with several different terms, all of which are equally valid. The terms greyed out, grayed out, and disabled can all be found in various MSKB articles describing similar conditions.
Try various word forms
One of MSKB’s most annoying shortcomings is that the search engine doesn’t provide stemming. In other words, it doesn’t have the capability to search for alternate grammatical forms of search terms. For instance, the article “Remote Access Service (RAS) Error Code List” (Q163111) won’t be returned if you queried titles only for RAS error codes, because the word code appears in the article’s title instead of codes. To get around this problem, you often have to use various forms of your search terms, such as display, displays, displaying, and displayed.
Fine-tune your searches
As with any search system, two factors control the number of hits: the number of search terms provided and the search scope. The search scope can be set by selecting the appropriate radio button, Title Only or Full Text, which narrows or broadens the results, respectively. Also, try adjusting the search string. Unless set to Any Of The Words entered, the search engine treats search terms as if they had the and operator between them. So more search terms impose more limitations on the search engine and yield fewer results.

Browse your search results
There are various ways to browse the results. At the top of the results page, you should see the tabs shown in Figure D. Using these tabs, you can browse the search results page in three views: Refine Your Search, Preview Articles, and View Results Only.

Figure D

If you have a relatively fast Internet connection, I recommend using the Preview Articles mode, which provides a split-screen interface. It allows you to skim through articles without losing touch with the result set. Alternatively, you can press [Shift] and click the articles’ title links to open the articles in a new window for a quick peek.

Express search using Google
My final search tips come from my fellow TechRepublic members. In response to my previous article, member Uber Geek suggested setting Google to search Microsoft’s Support Web site, superseding TechNet’s internal search mechanism. Because Google usually provides the results considerably faster than Microsoft’s search, this little trick can save you loads of time. Member Gbakken posted a follow-up and offered a link that leads directly to a Google Web page that is set to search Microsoft’s

Microsoft should be concentrating on securing Windows instead of trying to challenge security software companies, according to research firm Gartner.

Best online Microsoft MCTS Certification, Microsoft MCITP Certification at Actualkey.com

Microsoft has bought two antivirus companies and an anti-spyware company–the latter acquisition has already produced an anti-spyware application for Windows–since Chairman Bill Gates launched the Trustworthy Computing Initiative. That effort changed the company’s coding practices to make security developers’ first priority.

But Microsoft has missed an opportunity to make it clear what role it wants to play in the security market, by not stating its intentions, Gartner analyst Neil MacDonald said in an advisory published Friday. The company needs to “articulate whether it plans to be a leader in consumer and enterprise security solutions across desktop, server and server gateway,” he said.

“Microsoft’s overriding goal should be to eliminate the need for (antivirus) and (anti-spyware) products, not simply to enter the market with look-alike products at lower prices,” MacDonald added.

In the advisory, MacDonald predicted that Microsoft will launch a combined antivirus and anti-spyware product by the middle of 2005. That software will directly compete with established products such as Norton Antivirus from Symantec, he said.

“This move will challenge antivirus vendors that depend heavily on revenue from consumers–such as Symantec–and vendors that derive substantial revenue from upselling enterprises to antivirus product suites that include desktops and servers, such as McAfee and Computer Associates,” MacDonald said.

James Turner, security analyst at Frost & Sullivan, told ZDNet Australia that Microsoft’s security strategy is a “commercially sensitive” area and that the company is not obliged to reveal its strategy.

“The fact is that Microsoft have purchased a number of security-oriented companies–anti-spyware and antivirus. You don’t buy a number of companies for the fun of it. This is part of a long term strategy,” Turner said.

Additionally, Turner said Microsoft’s attitude to security has changed since the launch of its trustworthy computing initiative. He pointed to the company’s response to the recent attack on MSN Messenger.

“You don’t just judge a company by what they say, you also judge them by what they do. Microsoft’s recent clampdown on MSN Messenger to repair the vulnerabilities there is a clear sign that Microsoft can mobilize very quickly when something is completely within its control. If Microsoft was ignoring security, the market would punish it and so would the legal system,” Turner said.

Gartner’s MacDonald also rapped Microsoft’s decision to create an updated version of Internet Explorer (7.0) for Windows XP only, hinting that motive for the decision could be to push corporate customers into upgrade their systems from Windows 2000.

“The decision to restrict IE 7.0 to the XP platform also suggests that Microsoft wants to force users of older platforms to upgrade, if they want improved security,” he wrote. “If Microsoft wishes to be seen as a responsible industry leader in maintaining security for its products and its customers, it should provide IE 7.0 for Windows 2000 users.”

MacDonald said that Microsoft should rebuild IE with security in mind from the bottom up, rather than make “evolutionary” security improvements to the browser software.

The Gartner advisory concludes with recommendations that are likely to cause some concern to traditional antivirus vendors.

The research firm suggests that corporate customers demand that their antivirus provider offers an enterprise-class solution–including anti-spyware–at no cost by the end of this year. It also advises businesses to demand a “converged desktop security product with antivirus, anti-spyware, personal firewall and behavior blocking at a total price no more than 20 percent higher than what you now pay for standalone (antivirus).”